On 5/7/2013 11:02 PM, Steve Prior wrote: > On 5/7/2013 1:44 AM, Benny Pedersen wrote: >> Chris Santerre skrev den 2013-05-06 17:27: >>> 10 days and still being abused badly. Recommending for everyone to >>> just refuse any .pw >> >> time for spamhaus ? :=) >> >>> for those wanting an SA rule, here: >>> >>> header PW_IS_BAD_TLD From =~ /.pwb/ >>> describe PW_IS_BAD_TLD PW TLD ABUSE >>> score PW_IS_BAD_TLD 3 >> >> here i would like to use -3 >> >>> Change score to whatever you want. Enjoy. >> >> thats the point of opensource imho :) >> >> hopefully the good pw domains start using opendkim, and then let the >> world >> repute it from there >> > > I blocked everything from TLD pw at the Postfix level so the email gets > rejected without ever hitting spamassassin. > > I created /etc/postfix/sender_access with the contents: > pw REJECT > > ran postmap sender_access > > and then added > check_sender_access hash:/etc/postfix/sender_access > to smtpd_recipient_restrictions > > Problem went away completely, sorry Palau. > > Steve >
Steve, just wanted to thank you for providing an elegant solution to this problem. It seems far more preferable to block this nonsense right at the MTA level (for now). Your instructions worked for me and I now see the following in my mail log for any .pw sender: postfix/smtpd[10660]: NOQUEUE: reject: RCPT from unknown[173.213.124.203]: 554 5.7.1 <i...@schemecompany.pw>: Sender address rejected: Access denied Much appreciated! -Ben
